Daily cyber threats and internet security news: network security, online safety and latest security alerts
August 1st, 2008

MySpace And Facebook Users Targeted By New Worms

Kaspersky Lab reports two new variants of a worm which attack MySpace and Facebook users. As part of their malicious payload, the worms transform victim machines into zombie computers to form botnets. New worms are labeled as Net-Worm.Win32.Koobface.a. and Net-Worm.Win32.Koobface.b.

Currently the worms are only infecting MySpace and Facebook users but their design allows to upload additional malicious modules with other functionality via the Internet. It is highly probable that victim machines will not only be used for spreading links via these social networking sites, but the botnets will also be used for other malicious purposes.

Net-Worm.Win32.Koobface.a spreads when a user accesse MySpace account. The worm creates a range of commentaries to friends’ accounts. Net-Worm.Win32.Koobface.b, which targets Facebook users, creates spam messages and sends them to the infected users’ friends via the Facebook site. The messages and comments include texts such as:

Paris Hilton Tosses Dwarf On The Street

Examiners Caught Downloading Grades From The Internet

Hello; You must see it!!! LOL. My friend catched you on hidden cam

Is it really celebrity? Funny Moments and many others.

Messages and comments on MySpace and Facebook include links to http://youtube.*******.pl. If the user clicks on this link, s/he is redirected to http://youtube.******.ru, a site which purportedly contains a video clip. If the user tries to watch it, a message appears saying that s/he needs the latest version of Flash Player in order to watch the clip. However, instead of the latest version of Flash Player, a worm disguised as file called codesetup.exe is downloaded to the victim machine. Users who have come to the site via Facebook will have the MySpace worm downloaded to their machines, and vice versa.

Users are very trusting of messages left by ‘friends’ on social networking sites and the likelihood of a user clicking on a link like this is very high. According to Kaspersky Lab, this is simply the first step, and virus writers will continue to target these resources with increased intensity.

Share this item with others:

More on CyberInsecure:
  • Facebook, MySpace Backdoor Exposed User Accounts
  • Facebook Agrees To Permanently Deploy Child-Safety Measures
  • Facebook And Myspace Are Being Link Spammed
  • Facebook Attacked By Viral Social Networking Spam From China
  • New Security Warning Feature Added On Facebook

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: MySpace And Facebook Users Targeted By New Worms

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.